Internet, E Mail and
Electronic Communication Policy
This policy is twenty-three (23) page in length, is compliant with all recent legislation (SOX, HIPAA, Patriot Act, and Sensitive information), and covers:
- Appropriate use of equipment
- Internet access
- Electronic Mail
- Retention of e-mail on personal systems
- E-mail and business records retention
- Copyrighted materials
- Banned activities
- Ownership of information
Included with the policy are forms that can be used to facilitate the implementation of the policy. Included are these ready to use forms:
- Internet & Electronic Communication Employee Acknowledgement (short form)
- E-Mail - Employee Acknowledgement (short form)
- Internet Use Approval Form
- Internet Access Request Form
- Security Access Application Form
The WORD template uses the latest CSS style sheet and can easily be modified to conform to the style used in your enterprise policy manual.
Latest Policy News
Global compliance issuesDecember 4th, 2013
The global regulation that has emerged since the financial crisis is the most rapidly evolving in nearly a century. This environment presents new challenges for compliance professionals as they navigate new regulations, implement new reporting processes within their organization, seek to create operational efficiencies and maintain an effective compliance program.
Chief Compliance Officers (CCO) and other industry professionals need to understand the regulatory reporting challenges faced by all types of enterprises, find lessons learned from others, as well as common practices that firms can leverage. Understanding these new regulations and their reporting requirements, as well as the complex data environment, are critical aspects of operating a strategic compliance program. Janco common practices for compliance excellence and share methods for new reporting implementation. Attendees will hear what challenges firms are facing, what technology and operational strategies they are using to adequately address emerging risks and how theyre ensuring adequate policies and procedures are in place.more info
IT spending slowsNovember 5th, 2013
For the last 2 quarters Janco Associates (www.e-janco.com) has been saying that spending for IT in the U.S. is slowing. Now, it is reported in Computerworld that another research firm is saying the same thing. That research firm now projects that tech spending will increase by 3.9% this year; that's well below its earlier prediction of 5.7%.
The federal budget sequester, the government shutdown and the threat of default have had negative impacts on the economy and direct negative impacts on federal tech buying, as well as indirect impacts on CIOs who simply became cautious.
For instance, CIOs who might have bought servers to meet new demand for computing power are instead moving peak loads and special projects to infrastructure-as-a-service providers.
The White House estimates that the 16-day government shutdown reduced the growth rate of GDP in this quarter by 0.2% to 0.6%.
Next year, that firm projects that U.S. business and government purchases of IT goods and services will rise by 5.3%, thanks to a revived housing market, modest improvement in employment and consumer spending, and improved exports. In contrast Janco Associates feels that spending will be less until after the election next year.- more info
Persons with disabilities at higher risk during a disasterOctober 13th, 2013
UN survey shows needs of persons with disabilities largely ignored during disasters
A high proportion of persons with disabilities die or suffer injuries during disasters because they are rarely consulted about their needs and Governments lack adequate measures to address them, according to a United Nations survey released ahead of the International Day for Disaster Reduction.
The online survey, produced by the UN Office for Disaster Risk Reduction (UNISDR) and partners, consulted nearly 6,000 persons with disabilities in 126 countries on how they cope and prepare for disasters.
The results show that people living with disabilities across the world are rarely consulted about their needs in times of disasters. In cases where they need to evacuate such as during floods or earthquakes, only 20 percent of respondents said they could evacuate immediately without difficulty, 6 percent said they would not be able to evacuate at all and the remainder said they would be able to evacuate with a degree of difficulty.more info
CIO ToolkitsSeptember 12th, 2013
Tool Kits -- CIO CTO Tools
IT-ToolKits.com is the resource site for Information Technology management. This site contains the Information Technology and management infrastructure tools that the CIO, CSO, and CFO can use for Sarbanes Oxley, Disaster Recovery, Security, Job Descriptions, IT Service Management, Change Control, Help Desk, Service Requests, SLAs - Service Level Agreements, and Metrics. Site includes Browser and Operating System Market Share White Paper and IT Salary Survey Data.
Disaster Recovery Templates are Sarbanes Oxley compliant and the Disaster Recovery Template is included in the Sarbanes Oxley Compliance Kit
IT-Toolkits.com supports a wide range of industries and enterprises of all sizes. Our clients include over 2,500 premier corporations from around the world, including over 250 of the Fortune 500.- more info
Business interruptions to consider when creating a bcpAugust 26th, 2013
Business interruptions vary widely in more than duration. As you design your plan, consider the probability of threats that are:
Historical - events that have occurred (Power outages, earthquakes, hurricanes)
- Human - events likely from carelessness, malicious intent, fatigue, or lack of training
- Geographical - events likely as a result of the location of your business (floods, storms, lightning strikes, earthquakes, typhoons, tsunamis)
- Localized - events due to system malfunctions (assembly line failures, computer crashes, sprinkler activations, chemical spills)
- Planned - scheduled events (software upgrades, system tests) that go awry
Follow us at https://twitter.com/@itmanagercio
- more info
Security will become more complex with the evolution of the Internet of thingsAugust 9th, 2013
The Internet of Things is a network of Internet-enabled, real-world objects, such as nanotechnology, consumer electronics, home appliances, sensors of all kinds, embedded systems, and personal mobile devices. It includes enabling network and communication technologies, such as IPv6, web services, RFID, and 4G networks. Today this is a reality seeing the people are using mobile devices. For example, you can monitor your home security, lights, heating, and cooling from your smartphone. You can purchase a refrigerator that monitors its processes and sends reports to your smartphone.
Janco predicts that, by 2020, possibly 50 billion devices will be connected, a number that is 10 times that of all current Internet hosts, including connected mobile phones3. This amazing number of connected devices, along with the required
conditions for maintenance and effective operation, present intricate and complex challenges that affect Internet-of-Things
adoption and growth.
- more info
- Risk Assessment Methodology Risk Assessment Methodology Risk Assessment Methodology extracted from Jancos Security Manual Template Risk management is a process to identify, assess, manage and control potential events...
- Google data center security & disaster recovery This is a great video on physical security as well as the the software security. This is a great primer which all CIOs and Data...
- CIOs are not conducting cloud computing risk assessments CIOs are not conducting cloud computing risk assessments A new survey by Protiviti has found that cyber security tops chief information officers concerns, with 84...
- Security Audit a Necessary Part of Compliance Security Audit and Compliance Why do we need to do a security audit is question that many IT pros ask. Many organizations have to respond...
- 10 BYOD Best Practices for CIOs BYOD Best Practices for CIOs Bring Your Own Devices (BYOD) is exploding all over corporations. CIOs are in the cross hairs and need to follow...
IT Hiring News DigestAugust 2nd, 2013
IT Hring News - Digest of Recent Articles
- IT Job Market Improving? Some say the IT Job Market is improving from the 2009 slump IT Job Market Improving? An on-line job portal, Dice says IT degree graduates...
- Poor job picture impacts IT hiring prospects IT hiring trends have been driven by overall job market conditions IT hiring prospects do not look good. According to the BLS from June 2012...
- IT Job Market grows 10 major findings Where are the jobs for our college graduates? IT Job Market growth is slow. Over the last few years the number of new jobs for...
- CIO confidence wanes Hiring slows CIO worries IT job market growth continues to slow from 9,800 jobs in January and 5,500 jobs in February to 5,400 in March ...
- IT hiring CIOs have mixed feelings on Fourteen percent of U.S. chief information officers (CIOs) surveyed recently plan to expand their IT teams in the second quarter of 2013, according to a...
IT Job Descriptionsmore info
Unmanaged administrarive right pose a security and compliance riskJuly 9th, 2013
Unmanaged administrator rights pose a critical security challenge, making possible malware attacks that exploit elevated privileges and encouraging employees to run unauthorised applications that generate inadvertent, unquantifiable risk.
Privilege management is a practical solution to the problem of the loosely-managed desktop. The following is an outline of the key business, technical and implementation considerations when assessing an investment in such technology.
- more info
- Security: the permissive elevation of admin privileges is an obvious security risk. Users can potentially run unauthorised software or even malware. Malware attacks routinely ask for such privileges so these represent a significant security vulnerability.
- Compliance: policing admin rights has become a regulatory issue not only to meet legal requirements imposed in some countries but to satisfy independent audits. The global nature of financial services means that the toughest regulation is always the one to worry about.
- Efficiency and cost: there is a potential to reduce helpdesk workload. Low-level functions (e.g. power management, connecting to local printers) can be granted without staff involvement, based on policies. These policies will also regulate all application elevation, again lowering the authorization overhead.
Employees are key to security complianceJune 27th, 2013
The best safe in the world is worthless if you don't keep the combination a secret. The same concept holds true for data protection. No matter how state-of-the-art your encryption technology is, if your employees aren't security-savvy, it's not guaranteed to be effective.
Security incidents are rising at an alarming rate every year. As the complexity of the threats increases, so do the security measures required to protect networks and critical enterprise data. CIOs, Data center operators, network administrators, and other IT professionals need to comprehend the basics of security in order to safely deploy and manage data and networks.
Securing a typical business network and IT infrastructure demands an end-to-end approach with a firm grasp of vulnerabilities and associated protective measures. While such knowledge cannot stop all attempts at network incursion or system attack, it can empower IT professionals to eliminate general problems, greatly reduce potential damages, and quickly detect breaches.
- more info
- Life cycle for business continuity and security breaches are the same When a security breach or business interruption occur, the life cycle from the start to the end are the same. First and foremost you must...
- Employees drive the movement to BYOD and cloud computing CIOs face a security nightmare with the drive towards BYOD and cloud computing High achieving employees typically want newer,faster and higher performance hardware than their...
- 10 steps to jump start your business continuity planning business continuity planning 10 steps to jump start your BCP Business Continuity For many businesses there is some technology component that allows them...
- Security Ethics Collide Security Ethics are a growing concern for many According to a new report by Symantec CIOs need to be concerned about security and ethics, half...
- Many CIOs have not addressed cloud security issues Less than 50% of all organizations have policies in place that for vetting cloud computing applications for possible security risks before deploying them. The number...
Workforce mobility a productivity issue for CIOsJune 2nd, 2013
Part of the CIO's job is to support maximum productivity by choosing appropriate infrastructure for laptops and other devices to meet the individualized needs of mobile employees. But IT leaders also must support the mobile infrastructure in a way that is designed to minimize costs, simplify administration efforts, protect against mobile-specific threats, and ensure security. Key enablers of the mobile workforce include the following:
- more info
- Outstanding security and network accessibility
- Simple, intuitive systems and data management tools
- A streamlined process for backing up critical data
- Smooth transitions when changing hardware or software